OPSWAT Combines 7 Anti-virus Engines to Improve Malware Scanning

OPSWAT's Metascan is built from anti-virus engines from seven different companies, including Kaspersky Lab, AVG Technologies and CA, combined into a single security product to keep malware at bay. Metascan can also be used to manage security scans by preinstalled tools from companies such as Symantec and McAfee.

OPSWAT is offering customers a new vision of layered security.
The company unveiled on Jan. 27 a product called Metascan that combines
anti-virus engines from seven different vendors to improve the chances of catching
malware infections before they do any damage. Metascan brings together
technologies from Kaspersky Lab, CA,
ESET, AVG Technologies, VirusBuster, Norman and ClamWin.

The built-in engines can be managed through a programmatic interface, MMC
(Microsoft Management Console) or the ICAP (Internet Content Adaptation
Protocol).

"Metascan combines seven built-in anti-virus engines plus an interface
supporting integration with many anti-virus packages a user may already
own," said Benny Czarny, founder and CEO
of OPSWAT. "The benefit of scanning content with multiple engines is that
not all engines can detect all threats and not all engines scan files in [the]
same time period, so by using multiple engines you get faster detection with
broader coverage."
Metascan works on Windows systems, and can detect over 400 file types
including PDF, .doc and .exe formats. Metascan also integrates with third-party
software and hardware via Version 1.0 of the ICAP and an intuitive API, and
provides a single scanning interface for pre-installed anti-virus from vendors
such as Symantec and McAfee, OPSWAT said.
The presence of all these different engines may raise flags about
system performance, (PDF) but Czarny contends that Metascan is only "slightly
slower than the slowest built-in engine" for a given file scan.

"Also note that normally [the] issue of running multiple engines
together is related to their on-access [real-time] scanning component,"
Czarny added. "Metascan does not have any resident real-time scanner: It
is an API-driven on-demand scanner."
As the number and sophistication of Internet-based threats grows, many
organizations are augmenting defense-in-depth strategies with
defense-in-breadth strategies, opined Andrew Braunberg, research director of
enterprise software and security for Current Analysis.
"Centrally managing these security applications
is an increasingly critical component of overall security management
capabilities," Braunberg said in a statement.